10 matches found
SUSE CVE-2021-29597
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
GHSA-JJM6-4VF7-CJH4 Integer overflow in `SpaceToBatchND`
Impact The implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow: python import tensorflow as tf input = tf.constant-3.5e+35, shape=10,19,22, dtype=tf.float32 blockshape = tf.constant-1879048192, shape=2, dtype=tf.int64...
CVE-2022-29203
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow: The result of this integer overflow is used to...
GHSA-V52P-HFJF-WG88 Division by zero in TFLite's implementation of `SpaceToBatchNd`
Impact The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error: cc TFLITEENSUREEQcontext, finaldimsize % blockshapedim, 0; outputsize-datadim + 1 = finaldimsize / blockshapedim; An attacker can craft a model such that one dimension of the block input is ...
PYSEC-2021-723
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
PYSEC-2021-525
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
PYSEC-2021-234
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
PYSEC-2021-723
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
CVE-2021-29597
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...
PT-2021-18348 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2, 2.3.3, 2.2.3, and 2.1.4 are also affected Description: The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a...